Abstract

A successful computer system intrusion is often resulted from an attacker combining exploits of individual vulnerability. This can be modelled by attack models and attack graphs to provide a global view on system security against attacker’s goal. However, as the size and complexity of attack models and attack graphs usually greatly exceeds human ability to visualize, understand and analyze, a scheme is required to identify important portions of attack models and attack graphs. Mehta et al. proposed to rank states of an attack model by the probability of an adversary reaching a state by a sequence of exploiting individual vulnerabilities in a previous scheme. Important portions can hence be identified by ranks of states. However, Mehta et al.’s ranking scheme is based on the PageRank algorithm which models a web surfing scenario, but has not considered much on the dissimilarity between web surfing scenarios and computer system intrusion scenarios. In this paper, we extend Mehta et al.’s scheme by taking into consideration dissimilarity between web surfing scenarios and computer system intrusion scenarios. We experiment with the same network model used in Mehta et al.’s scheme and have the results compared. The experiments yielded promising results that demonstrated consistent ranks amongst varying parameters modelled by our ranking scheme.

Author Corner

Links

SelectedWorks Author Gallery

Professor Jennifer SeberryDr Seberry’s studies of the application of discrete mathematics and combinatorial computing via bent functions, S-box design, has led to the design of secure cryptoalgorithms and strong hashing algorithms for secure and reliable information transfer in networks and telecommunications. Her studies of Hadamard matrices and orthogonal designs is applied in CDMA technologies